<?php

// Stop immediately unless the PUBLIC_HTML constant has been defined.
// NOTE(review): presumably the including entry script defines it, so a direct
// request to this file does nothing - confirm against the front controller.
if (defined('PUBLIC_HTML') === false)
{
	exit;
}

$page_title = 'Edit a user';

// Request input: ?id= is used only when it is numeric and is reduced to an
// integer; a missing or non-numeric id becomes 0.
$user_id = (isset($_GET['id']) && is_numeric($_GET['id'])) ? intval($_GET['id']) : 0;

// True when the edit form was posted (a 'submit' field is present).
$submit = isset($_POST['submit']);

// No user row matches the id: send ordinary requests back to the user list,
// and end the script in every case (AJAX requests get an empty response).
if ($db->sql_count(TABLE_USERS, 'usr_id', $user_id) == 0)
{
	if (!$ajax)
	{
		redirect('cms.php?p=users');
	}

	exit;
}

// Load the full row of the user being edited. The id reaches the statement
// through the named placeholder :usr_id and is bound below; it is never
// concatenated into the SQL text.
$get_user = "
				SELECT		*
				FROM		" . TABLE_USERS . "
				WHERE		usr_id = :usr_id
				";
$database->query($get_user);
$database->bind(':usr_id', $user_id);
$row_user = $database->single();

// Values handed to the template, cast to the type each field is expected to hold.
// NOTE(review): USERNAME and USER_EMAIL are stored strings passed on as-is here;
// confirm the template layer HTML-encodes them on output.
$tpl_vars['USER_ID'] = (int) $row_user['usr_id'];
$tpl_vars['USERNAME'] = (string) $row_user['usr_name'];
$tpl_vars['USER_LEVEL'] = (int) $row_user['usr_level'];
$tpl_vars['USER_EMAIL'] = (string) $row_user['usr_email'];

// Pre-select the <option> that matches the stored level (0 = normal, 1 = admin).
$tpl_vars['USER_LEVEL_NORMAL'] = '';
$tpl_vars['USER_LEVEL_ADMIN'] = '';

if ($row_user['usr_level'] == 0)
{
	$tpl_vars['USER_LEVEL_NORMAL'] = ' selected="selected"';
}

if ($row_user['usr_level'] == 1)
{
	$tpl_vars['USER_LEVEL_ADMIN'] = ' selected="selected"';
}

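// Form submission: build the new column values, write them to the user row,
// then return to the user list.
//
// NOTE(review): no CSRF token and no check of the caller's own privilege are
// visible in this file, although this branch changes another account's level
// and password. Confirm the including script enforces both before this runs.
if ($submit)
{
	$post = array();

	// Keep the stored level when the field is absent. The fallback used to read
	// the undefined $row_users, which cast to 0 and silently reset the account
	// to the normal level whenever 'level' was missing from the request.
	// NOTE(review): any integer is accepted here, while the form only offers
	// 0 and 1 (USER_LEVEL_NORMAL / USER_LEVEL_ADMIN) - consider rejecting other values.
	$post['level'] = isset($_POST['level'])
		? (int) $string->secure($_POST['level'], 'sql_single_field')
		: (int) $row_user['usr_level'];

	// empty() is also true for an unset field, so one test covers both cases.
	// A missing or empty username is written as an empty string.
	$post['name'] = !empty($_POST['username'])
		? (string) $string->secure($_POST['username'], 'sql_single_field')
		: '';

	// A blank password field means "leave unchanged": the stored value is reused.
	// NOTE(review): the 'password' mode of secure() presumably hashes the input -
	// confirm it uses a password-hashing function rather than a plain digest.
	$post['pass'] = !empty($_POST['password'])
		? (string) $string->secure($_POST['password'], 'password')
		: (string) $row_user['usr_pass'];

	// A missing or empty e-mail address is stored as the literal 'undefined'.
	$post['email'] = !empty($_POST['email'])
		? (string) $string->secure($_POST['email'], 'sql_single_field')
		: 'undefined';

	// Every save marks the account as active.
	$post['active'] = 1;

	// NOTE(review): the final 'usr_' argument looks like a column prefix applied
	// to the keys of $post - confirm against sqlUpdate().
	$database->sqlUpdate(TABLE_USERS, $post, 'usr_id', $user_id, 'usr_');

	redirect('cms.php?p=users');
	exit;
}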

?>